erickchamber.top Open in urlscan Pro
2606:4700:3032::6812:37a6  Malicious Activity! Public Scan

URL: https://erickchamber.top/t.html
Submission: On October 30 via api from CH

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3032::6812:37a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is erickchamber.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 30th 2020. Valid for: a year.
This is the only time erickchamber.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commonwealth Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
4 24.244.156.42 15146 (CABLEBAHAMAS)
12 2
Apex Domain
Subdomains
Transfer
8 erickchamber.top
erickchamber.top
159 KB
4 combankltd.com
cbleib.combankltd.com
13 KB
12 2
Domain Requested by
8 erickchamber.top erickchamber.top
4 cbleib.combankltd.com erickchamber.top
12 2

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-30 -
2021-10-29
a year crt.sh
cbleib.combankltd.com
DigiCert SHA2 Extended Validation Server CA
2020-06-05 -
2022-06-29
2 years crt.sh

This page contains 1 frames:

Primary Page: https://erickchamber.top/t.html
Frame ID: 1972C4A6D8048DEBC126997CA3092517
Requests: 12 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

173 kB
Transfer

845 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request t.html
erickchamber.top/
18 KB
5 KB
Document
General
Full URL
https://erickchamber.top/t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:37a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67d79b2e7983521c55d6222155640b5f41da2b32927f09093da88362f5e6dee

Request headers

:method
GET
:authority
erickchamber.top
:scheme
https
:path
/t.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 30 Oct 2020 21:40:29 GMT
content-type
text/html
set-cookie
__cfduid=d8e456ea6811c8be6d1ba7bb1808f2dd01604094029; expires=Sun, 29-Nov-20 21:40:29 GMT; path=/; domain=.erickchamber.top; HttpOnly; SameSite=Lax
last-modified
Wed, 07 Nov 2018 08:39:32 GMT
cf-cache-status
DYNAMIC
cf-request-id
061d0d860b0000e00793374000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ygids7B979TaVIvuDe%2Bkj7DCCm2ZO5rgLcyhQq4feY8TPLspHdy3ritcg0PORwZBA6qygWFQ2WviishyC3L6nSEF%2BEk5pAe52BXRLsYSq3no0bIPZwObX8mpAVGV"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ea84b833fd3e007-FRA
content-encoding
br
vendor.css
erickchamber.top/files/
209 KB
33 KB
Stylesheet
General
Full URL
https://erickchamber.top/files/vendor.css
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:37a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2f45997b5a9cadc60c13beedbbf843d2b1718d47f813d915384e44f26a05ef

Request headers

Referer
https://erickchamber.top/t.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 21:40:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 07 Nov 2018 08:26:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t6Sa3i5zvpmMleE2p3%2BdiGlZaKLs2ePRzUygsN2Ww3QFQb3qXkVykc3MU5%2BUWVF%2Bvc5JKlFB6eOfhn6Oy9nkqoonw6%2BkoJpzSHfhVXc7zd70wzsia4OAqpwopzKZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5ea84b862e05e007-FRA
cf-request-id
061d0d87d40000e0079d082000000001
omnia.css
erickchamber.top/files/
550 KB
65 KB
Stylesheet
General
Full URL
https://erickchamber.top/files/omnia.css
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:37a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c24ed5aca62c867c12e5bab77658a7ffe58c3811c91fe63dc0da6eaa81c9bc00

Request headers

Referer
https://erickchamber.top/t.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 21:40:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 07 Nov 2018 08:42:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PObcRVIOEd153ewCy5arllSlv47s0SLVUzUOgM1Yubx14CUnEsdQftI7fNaQJq%2BpZFmI4GS0S38vokgEWRNpYzQwnVeIt8yZSeqctCmS1q5jBSM%2BHClFN%2Bi3JtlZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5ea84b862e06e007-FRA
cf-request-id
061d0d87d50000e007b305b000000001
logo.png
erickchamber.top/files/
55 KB
55 KB
Image
General
Full URL
https://erickchamber.top/files/logo.png
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:37a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb45fc08db7c6cf27900a5ef08eed4c03ec2a8362ccea2d818793a1e01765f8

Request headers

Referer
https://erickchamber.top/t.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 21:40:30 GMT
cf-cache-status
MISS
last-modified
Wed, 07 Nov 2018 08:26:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6PH2tBteuizNPJL208vIZxDBKEFbjsa2m0aFSqH37kV71pxPy9zhVLQQfpwaEJZu8AfWmsi1zRU%2Fyb9hhnTh3lnq%2F9avr8FWvUI2UDY9fXqipIiL0ueKKusccSKu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5ea84b862e08e007-FRA
content-length
56376
cf-request-id
061d0d87d50000e007990ff000000001
email-decode.min.js
erickchamber.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://erickchamber.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:37a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://erickchamber.top/t.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 21:40:29 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
061d0d88310000e007b3060000000001
last-modified
Tue, 27 Oct 2020 17:34:18 GMT
server
cloudflare
etag
W/"5f985a1a-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lOehESJhH1LkeRYZQwBUAwj0%2FBoT7343oe68JUHeH4vK7kk1XDCTTtmKcoYPF2KCeeE5bhW6dmUV2IA%2FzP0Al3IsgItLQORQe49EFdEcifvpbZIKQXH%2FlZlSZlsy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5ea84b86bef6e007-FRA
expires
Sun, 01 Nov 2020 21:40:29 GMT
available-in-googleplay.png
cbleib.combankltd.com/img/
5 KB
6 KB
Image
General
Full URL
https://cbleib.combankltd.com/img/available-in-googleplay.png?ver=e4f965f1a4de25197f63f52932f6871e36106872
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/files/omnia.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
24.244.156.42 Nassau, Bahamas, ASN15146 (CABLEBAHAMAS, BS),
Reverse DNS
cbleib.combankltd.com
Software
Microsoft-IIS/8.5 /
Resource Hash
af2e512f2c734d26e24589b243994f37791e43f8cc02c4f70b245c4b284c1fc0

Request headers

Referer
https://erickchamber.top/files/omnia.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 21:43:51 GMT
Last-Modified
Wed, 09 Sep 2020 20:59:02 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"06fa8bec86d61:0"
Content-Length
5480
Content-Type
image/png
available-in-appstore.png
cbleib.combankltd.com/img/
4 KB
5 KB
Image
General
Full URL
https://cbleib.combankltd.com/img/available-in-appstore.png?ver=ecff978bb441ecc68a560a3ff7d0622a7ae9a6b4
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/files/omnia.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
24.244.156.42 Nassau, Bahamas, ASN15146 (CABLEBAHAMAS, BS),
Reverse DNS
cbleib.combankltd.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c2e6a80ec2cff8a14941fed24062c4e0c15bec16c38b0d1b736922cc70c1062c

Request headers

Referer
https://erickchamber.top/files/omnia.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 21:43:51 GMT
Last-Modified
Wed, 09 Sep 2020 20:59:02 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"06fa8bec86d61:0"
Content-Length
4331
Content-Type
image/png
phone@2x.png
cbleib.combankltd.com/img/
1 KB
2 KB
Image
General
Full URL
https://cbleib.combankltd.com/img/phone@2x.png?ver=121211ae89e11a622f97d0df572a4cbc3021bef5
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/files/omnia.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
24.244.156.42 Nassau, Bahamas, ASN15146 (CABLEBAHAMAS, BS),
Reverse DNS
cbleib.combankltd.com
Software
Microsoft-IIS/8.5 /
Resource Hash
3801fd9afb62498f75f381dbff951f3b4b9d3bfaeefaba68b93ca7ffce4b5ac9

Request headers

Referer
https://erickchamber.top/files/omnia.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 21:43:51 GMT
Last-Modified
Wed, 09 Sep 2020 20:59:02 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"06fa8bec86d61:0"
Content-Length
1348
Content-Type
image/png
envelope@2x.png
cbleib.combankltd.com/img/
1 KB
1 KB
Image
General
Full URL
https://cbleib.combankltd.com/img/envelope@2x.png?ver=8b5a913129391ffc61e757a57ea63d737b829b3e
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/files/omnia.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
24.244.156.42 Nassau, Bahamas, ASN15146 (CABLEBAHAMAS, BS),
Reverse DNS
cbleib.combankltd.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4fb6515540e7585a6d7b1b70915981ad528bdccd4beef366d33785d61abaa7a2

Request headers

Referer
https://erickchamber.top/files/omnia.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 21:43:51 GMT
Last-Modified
Wed, 09 Sep 2020 20:59:02 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"06fa8bec86d61:0"
Content-Length
1212
Content-Type
image/png
RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff
erickchamber.top/files/fonts/
0
0
Font
General
Full URL
https://erickchamber.top/files/fonts/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/files/omnia.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:37a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
https://erickchamber.top
Referer
https://erickchamber.top/files/omnia.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 21:40:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cZ%2BREkhwSUl977pBw9GbVxYfMNg%2F2V41s4ejNuQ%2F5F9HJjb1YcKwLrjKLZ0L6%2B3F%2BoQbHgZp%2Brkn8kg%2Blx39jVn1Z0e72UGciVPjqN66%2FiZUZSD0uIb6TIVcym5A"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
5ea84b8c990be007-FRA
cf-request-id
061d0d8be50000e007feb35000000001
Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff
erickchamber.top/files/fonts/
0
0
Font
General
Full URL
https://erickchamber.top/files/fonts/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/files/omnia.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:37a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
https://erickchamber.top
Referer
https://erickchamber.top/files/omnia.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 21:40:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=koKlzocNOvyLHshC0JRv8F%2Bojih5O02uKeP%2FUhFGV72ot8TKHkqn2CArxFyL0UMLwtLbVrTQVitR5fqxzxwwCTSmI3wKJTMDmFZHG9i8bFpa7eK4wDpu5cw9SLl3"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
5ea84b8c990fe007-FRA
cf-request-id
061d0d8be20000e007f2346000000001
2UX7WLTfW3W8TclTUvlFyQ.woff
erickchamber.top/files/fonts/
0
0
Font
General
Full URL
https://erickchamber.top/files/fonts/2UX7WLTfW3W8TclTUvlFyQ.woff
Requested by
Host: erickchamber.top
URL: https://erickchamber.top/files/omnia.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:37a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Origin
https://erickchamber.top
Referer
https://erickchamber.top/files/omnia.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 21:40:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8JwUAtaNHzK2S7bat%2FMx2M5WNy93j1eAWvOYc%2B4PskLB05vNgSgW71FjktT8zc0AtzXZy6TI3YsG6gKmkzeADS8NCOx4nZ11d5BuKpAMus5PrvfGK97GHjcYrzmU"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
5ea84b8cb948e007-FRA
cf-request-id
061d0d8bf60000e00723218000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commonwealth Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

1 Cookies

Domain/Path Name / Value
.erickchamber.top/ Name: __cfduid
Value: d8e456ea6811c8be6d1ba7bb1808f2dd01604094029